drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Gaim (Aktualisierung)
Name: |
Zwei Probleme in Gaim (Aktualisierung) |
|
ID: |
USN-781-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 6.06 |
|
Datum: |
Mi, 3. Juni 2009, 16:33 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1376 |
|
Applikationen: |
Pidgin |
|
Update von: |
Mehrere Probleme in Pidgin |
|
Originalnachricht |
--===============3218515353918140506== Content-Type: multipart/signed; micalg="pgp-sha1"; protocol="application/pgp-signature"; boundary="=-UlK7smO3lTZU9PG6FARf"
--=-UlK7smO3lTZU9PG6FARf Content-Type: text/plain Content-Transfer-Encoding: quoted-printable
Ubuntu Security Notice USN-781-2 June 03, 2009========================================================== gaim vulnerabilities CVE-2009-1373, CVE-2009-1376 ========================================================== A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the following package versions:
Ubuntu 6.06 LTS: gaim 1:1.5.0+1.5.1cvs20051015-1ubuntu10.2
After a standard system upgrade you need to restart Gaim to effect the necessary changes.
Details follow:
It was discovered that Gaim did not properly handle certain malformed messages when sending a file using the XMPP protocol handler. If a user were tricked into sending a file, a remote attacker could send a specially crafted response and cause Gaim to crash, or possibly execute arbitrary code with user privileges. (CVE-2009-1373)
It was discovered that Gaim did not properly handle certain malformed messages in the MSN protocol handler. A remote attacker could send a specially crafted message and possibly execute arbitrary code with user privileges. (CVE-2009-1376)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim_1.5.0+1.5.1cvs2= 0051015-1ubuntu10.2.diff.gz Size/MD5: 35032 018074e6f3fe79b0334b616c41db8f16 http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim_1.5.0+1.5.1cvs2= 0051015-1ubuntu10.2.dsc Size/MD5: 1061 fedec169b55ed59a1d258f4261d3342e http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim_1.5.0+1.5.1cvs2= 0051015.orig.tar.gz Size/MD5: 4299145 949ae755e9be1af68eef6c09c36a7530
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim-data_1.5.0+1.5.= 1cvs20051015-1ubuntu10.2_all.deb Size/MD5: 613400 851c17117f60a8bdd7a1a7945295bb95
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim-dev_1.5.0+1.5.1= cvs20051015-1ubuntu10.2_amd64.deb Size/MD5: 103268 3e801c048c16f37927274e223006cf12 http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim_1.5.0+1.5.1cvs2= 0051015-1ubuntu10.2_amd64.deb Size/MD5: 954312 b221c7923480c8f561b19f25602fb42d
i386 architecture (x86 compatible Intel/AMD):
http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim-dev_1.5.0+1.5.1= cvs20051015-1ubuntu10.2_i386.deb Size/MD5: 103268 7c5d619c893be0613fc3e9e520180ac3 http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim_1.5.0+1.5.1cvs2= 0051015-1ubuntu10.2_i386.deb Size/MD5: 836516 36ab380abace72300ba4aa0da8af0423
powerpc architecture (Apple Macintosh G3/G4/G5):
http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim-dev_1.5.0+1.5.1= cvs20051015-1ubuntu10.2_powerpc.deb Size/MD5: 103266 f8d87f5da7ae492b3e5564c132afb4de http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim_1.5.0+1.5.1cvs2= 0051015-1ubuntu10.2_powerpc.deb Size/MD5: 924684 227c223828b0edcc564397b37281636a
sparc architecture (Sun SPARC/UltraSPARC):
http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim-dev_1.5.0+1.5.1= cvs20051015-1ubuntu10.2_sparc.deb Size/MD5: 103252 4e6a313eced48612d2f35ab69ebd85b1 http://security.ubuntu.com/ubuntu/pool/main/g/gaim/gaim_1.5.0+1.5.1cvs2= 0051015-1ubuntu10.2_sparc.deb Size/MD5: 856864 9b00254efd713d0001bb7e11817e6bc3
--=-UlK7smO3lTZU9PG6FARf Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEABECAAYFAkomhsMACgkQLMAs/0C4zNpflgCgk04uAcWxmkxGVcAlq0a1MyMk ccwAn0klU8ZC218rAPdKxgA9R/uZyHxi =Bc8j -----END PGP SIGNATURE-----
--=-UlK7smO3lTZU9PG6FARf--
--===============3218515353918140506== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============3218515353918140506==--
|
|
|
|